THE IT SECURITY PROFESSIONAL | Barlowtek
The IT Security Pro: Helping Organizations Understand IT Security & Best Practices
Companies and organizations continue to grow and develop, and as part of that process they often acquire other businesses through a merger or acquisition. The question always comes up: how do you integrate the two diverse networks while staying secure? This can be a complicated and difficult question to answer because of all the variables and moving pieces involved. Whether you are the VP of IT or the Director of IT Security, there is no single way to tackle it. There are, however, steps and some initial guidance on how it should be approached. While this is not a “one size fits all” recommendation, it covers the basic aspects that you, as the IT Security Pro, will be facing.

Getting a Handle on Things

Determining how you will integrate your computer networks, and getting direction from your senior management team, will help shape the strategy your organization employs. This is true whether you are the acquiring organization or the one being acquired. That direction provides a roadmap for how the integration will be accomplished and the goals its implementation is meant to achieve.

Risk Assessment & Evaluation

Since you will be integrating two different networks, it is important to understand the potential risks involved and how those risks are evaluated. There can be dramatic differences in how the two networks are managed and in the resources allocated to them. Reconciling those differences will help determine the course of action for merging the networks. Evaluating network security is an important part of this initial assessment: it provides a gap analysis of what might be missing in one network and what is available in the other. Having this detailed out also allows the IT Security Pro to determine the best course of action to take.
This will also help senior management make decisions based on what is actually occurring rather than on guesswork by non-technical staff.

Course of Fire

Each organization has a responsibility to inform the other of the actions and processes that were in place prior to the acquisition. This should be accomplished before the deal is finalized, but because of the complexities that go into these sorts of deals, it is not usually thought of until after the fact. This is where the IT Security Pro steps in to guide and inform all of the stakeholders involved in the network integration.

Information Integration
This can be a very difficult aspect of the merger process to handle and should be carried out with involvement from both parties to the merger. Databases and repositories can be in diverse locations, both on premises and in the cloud, which can cause a headache for even the most seasoned IT Security Pro. Developing a plan for how to consolidate this information will be crucial in determining the ultimate course of action to be implemented. There are two common methods that organizations may employ initially, with a full integration and merger coming later in the process:
Compliance Complicates Everything

Compliance requirements add a complication to all integration efforts that can be very frustrating. This is especially true if you are in healthcare dealing with HIPAA requirements, or subject to PCI DSS in the banking industry. Some of these requirements and standards come into play only once the organization hits specific benchmarks or capacities. Additionally, there can be fines associated with non-compliance to these standards.

Integrating Standards

When diverse organizations merge, some will hold certifications and others may not. Determining which certifications to go with, or how they can be combined, can pose its own difficulties. Some of these may be overcome by working with the accreditation or certification body that one of the organizations has used for its certification process. Adopting policies, procedures, and standards will also have to be addressed during the integration process. The IT Security Pro will need to know the processes they must follow and how those relate to the work they need to accomplish.

Making it Work

One of the most difficult aspects of this process is making everything work as if it were all on the same network. Cost savings and combining resources are a huge reason why acquisitions happen. Once a strategy has been developed, it is up to the IT Security Pro to implement the plan and execute the various projects that flow from such a complicated undertaking. Organizations will greatly benefit from the effort put into the planning process, and the IT Security Pro will benefit when they communicate these plans and issues to all the stakeholders involved.

Summary

While mergers and acquisitions of corporate networks can be challenging, they are not as daunting as they look on the surface. Integration needs to be planned and systematically applied across the network and its infrastructure.
The effectiveness of this planning process will show up as overall cost reductions in the management of the network and the increased efficiencies that come from integrating these systems. The roadmap for the integration should be drawn up as soon as possible (preferably during the negotiation period), with both organizations providing resources and direction toward the overall strategic outcome.
Growth of Ransomware Attacks: Strategies for Preventing & Isolating Them in Your Organization
5/24/2021

As the days continue to drag on with the most recent high-profile ransomware attack here in the US (Colonial Pipeline, which started on May 6th 2021), the east coast and the south are feeling the brunt of its effects the most. This is not a new thing; ransomware has been around for a few years now, and organizations of all sizes should be prepared for its potential effects on their business. We have seen attacks against municipal infrastructure and governmental services as well. Ransomware attackers are indiscriminate in who or what they attack, and let’s be clear here: these are individuals who are out to extort money from whomever and wherever they can. It is that plain and simple. This was a targeted attack on a system that was vulnerable.

Preparation for Attack

One of the key aspects coming to light after the initial shock is that the infrastructure supporting the US economy is the largest target on the face of the planet for these types of attacks. Whether it is the lack of a Patch Management Process or simply the use of outdated and unsupported equipment, the attackers have done their research in preparation for the attack. Additionally, it was revealed that they were able to exfiltrate a large amount of data before the attack took place. Is this preparation for more to come?

Paying the Ransom or Not?

As most IT Security Pros know, the company or organization will have to determine what is in its best interests. Is it to pay the ransom and get on with your business, to work to find the culprits behind it, or simply to replace the systems that have been locked? This is the biggest decision that must be made, and it can’t be made in a vacuum; it must be made in public. Either decision has consequences and potential impacts on the organization.
Social Stigma

The issue that always comes up is what sort of publicity the ransomware attack is going to generate. The Colonial Pipeline attack has proven that this key infrastructure is vulnerable and that security measures must be taken to address it. It’s a terrible thing to have the world know that you lack security measures and that your organization has been using outdated processes and equipment on a vital piece of infrastructure. What came out in the last day (May 12th, 2021) is that Colonial Pipeline told the world it was not going to pay the ransom demanded of it. But as it turns out, they actually did, to the tune of over $5 million dollars. And when they got the key to unlock their systems, it didn’t work. Talk about having egg on your face! How will Colonial Pipeline explain what happened?

Increasing Threats

As organizations continue to keep quiet about how much they are actually paying to ransom their own information, attackers keep increasing the amounts they ask for. As of the writing of this article, CNA Financial has disclosed that it paid up to $40 million dollars to regain access to its information (a link to the article is provided below). This shows that, depending on the organization targeted, it can end up being a huge payday for the criminals involved in the extortion.

Stemming the Tide of Infection

One of the key characteristics of ransomware is that it will usually migrate from system to system, depending on the type and complexity of the infection mechanism being used. The following may be considered as ways of helping to stem the tide of infection and prevent more systems from being compromised:
The End User Dilemma

When it comes to the security of the network, the key factor in all of the ransomware outbreaks has been an end user doing or downloading something they know they should not. The education process takes the form of Security Awareness training and how often it is performed. People are creatures of habit and curiosity, and so they will perform tasks without really thinking of the consequences. Here are a few of the ways that a potential ransomware attack can compromise your network:
Solutions
These are current solutions or ways to mitigate or lessen the potential impact of a ransomware attack:
Even with all the actions provided here, organizations are still going to be compromised and held to ransom for the data they can’t access. This is an ever-evolving area of IT Security, and the IT Security Pro will need to know what it takes to help prevent an outbreak on their systems. No matter what strategy the organization employs, there will be a way to defeat it or work around it. The easiest approach, as pointed out above, is to focus on the end user and their potential actions when presented with a compromised system or file. User education will allow the IT Security Pro to know where a potential attack may be coming from and what form it may take. Educating the end user will help shore up the front line against the threat of a ransomware attack, and may end up preventing one.

Reference: www.theverge.com/2021/5/20/22446388/cna-insurance-ransomware-attack-40-million-dollar-ransom
IT Security Pro: Securing the future one byte at a time! Mr. Barlow is here, staying ahead of the curve in Information Security Leadership. Ready to help your company stay safe and secure.